Back to search
CVE-2021-20025
Published: May 13, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.
| Vendor | Product | Versions |
|---|---|---|
SonicWall | Email Security Virtual Appliance | affected 10.0.9 and earlier |
Weaknesses (CWE)
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now